#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
+#include <sys/stat.h>
#include <unistd.h>
+#include <fcntl.h>
+
#include "udev.h"
#include "udev_lib.h"
+#include "udevdb.h"
#include "logging.h"
#define DEVD_DIR "/etc/dev.d/"
static int run_program(char *name)
{
pid_t pid;
+ int fd;
dbg("running %s", name);
switch (pid) {
case 0:
/* child */
+ udevdb_exit(); /* close udevdb */
+ fd = open("/dev/null", O_RDWR);
+ if ( fd >= 0) {
+ dup2(fd, STDOUT_FILENO);
+ dup2(fd, STDIN_FILENO);
+ dup2(fd, STDERR_FILENO);
+ }
+ close(fd);
execv(name, main_argv);
dbg("exec of child failed");
exit(1);
switch(pid) {
case 0:
/* child */
- close(STDOUT_FILENO);
-
- /* dup write side of pipe to STDOUT */
- dup(fds[1]);
+ /* dup2 write side of pipe to STDOUT */
+ dup2(fds[1], STDOUT_FILENO);
if (argv[0] != NULL) {
dbg("execute '%s' with given arguments", argv[0]);
retval = execv(argv[0], argv);
#include <signal.h>
#include "tdb.h"
#include "spinlock.h"
+#include "../udev_lib.h"
#else
#include "includes.h"
#endif
goto fail; /* errno set by open(2) */
}
+ /*
+ Close file when execing another process.
+ Prevents SELinux access errors.
+ */
+ set_cloexec_flag(tdb->fd, 1);
+
/* ensure there is only one process initialising at once */
if (tdb_brlock(tdb, GLOBAL_LOCK, F_WRLCK, F_SETLKW, 0) == -1) {
TDB_LOG((tdb, 0, "tdb_open_ex: failed to get global lock on %s: %s\n",
closedir(dir);
return 0;
}
+
+/* Set the FD_CLOEXEC flag of desc if value is nonzero,
+ or clear the flag if value is 0.
+ Return 0 on success, or -1 on error with errno set. */
+
+int set_cloexec_flag (int desc, int value)
+{
+ int oldflags = fcntl (desc, F_GETFD, 0);
+ /* If reading the flags failed, return error indication now. */
+ if (oldflags < 0)
+ return oldflags;
+ /* Set just the flag we want to set. */
+ if (value != 0)
+ oldflags |= FD_CLOEXEC;
+ else
+ oldflags &= ~FD_CLOEXEC;
+ /* Store modified flag word in the descriptor. */
+ return fcntl (desc, F_SETFD, oldflags);
+}
extern void leading_slash(char *path);
extern void no_leading_slash(char *path);
extern int call_foreach_file(int fnct(char *f) , char *filename, char *extension);
-
+extern int set_cloexec_flag (int desc, int value);
#endif
exit(1);
}
+ set_cloexec_flag(ssock, 1);
+
/* the bind takes care of ensuring only one copy running */
retval = bind(ssock, (struct sockaddr *) &saddr, addrlen);
if (retval < 0) {
goto fallback;
}
+ set_cloexec_flag(sock, 1);
+
memset(&saddr, 0x00, sizeof(struct sockaddr_un));
saddr.sun_family = AF_LOCAL;
/* use abstract namespace for socket path */
projects / systemd / commitdiff